FYI: SSH1 now disabled at compile-time by default

Iain Morgan imorgan at nas.nasa.gov
Fri Mar 27 09:12:40 AEDT 2015


No, I just think 15 years or so is more than enough time to have
addressed the issue.

On Thu, Mar 26, 2015 at 14:05:08 -0700, Dan Kaminsky wrote:
> So, this isn't your problem and you don't respect the people's whose
> problem it is.
> 
> On Thu, Mar 26, 2015 at 12:43 PM, Iain Morgan <imorgan at nas.nasa.gov> wrote:
> 
> > On Thu, Mar 26, 2015 at 11:55:18 -0700, Dan Kaminsky wrote:
> > > You're right.  My argument the is the next build of OpenSSH should be
> > > OpenSSH 7, and the one after that 8, then 9, then 10.  No minor releases?
> > > Sure, go ahead.  Deprecate the point,
> > >
> > > Do you manage any machines running SSHv1?
> > >
> >
> > If by "running" you mean accepting SSH1, of course not. From a security
> > perspective, no one should be using SSH1.
> >
> > For those who, for whatever reason, need to support systems that only
> > support SSH1, there are already sufficient solutions that have been
> > noted multiple times on this list.
> >
> > Those who are still using SSH1 have already demonstrated the fact that
> > they are slow to embrace new technology, so I would not be surprised to
> > find that the majority of them are also slow to upgrade to newer
> > versions of OpenSSH. I would also not be surprised to find that many of
> > them are still using telnet to manage their routers.
> >
> > --
> > Iain Morgan
> >

-- 
Iain Morgan


More information about the openssh-unix-dev mailing list